The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
Mend ensures you have the greatest risk reduction ("Recommended Fix", highlighted in green) by removing as many vulnerabilities as possible.
This PR contains the following updates:
1.18.3 -> 1.19.2
This PR resolves the vulnerabilities described in Issue #63
Version 1.18.3

| Risk Change | Critical | High | Medium | Low |
| --- | --- | --- | --- | --- |
| N/A | 0 | 1 | 0 | 0 |

Version 1.19.2

| Risk Change | Critical | High | Medium | Low |
| --- | --- | --- | --- | --- |
| -100% | 0 (--) | 0 (-1) | 0 (--) | 0 (--) |

Version 1.20.2

| Risk Change | Critical | High | Medium | Low |
| --- | --- | --- | --- | --- |
| -100% | 0 (--) | 0 (-1) | 0 (--) | 0 (--) |

Release Notes
expressjs/body-parser
### [`v1.19.2`](https://togithub.com/expressjs/body-parser/blob/HEAD/HISTORY.md#1192--2022-02-15)

[Compare Source](https://togithub.com/expressjs/body-parser/compare/1.19.1...1.19.2)

- deps: bytes@3.1.2
- deps: qs@6.9.7
  - Fix handling of `__proto__` keys
- deps: raw-body@2.4.3
  - deps: bytes@3.1.2

### [`v1.19.1`](https://togithub.com/expressjs/body-parser/blob/HEAD/HISTORY.md#1191--2021-12-10)

[Compare Source](https://togithub.com/expressjs/body-parser/compare/1.19.0...1.19.1)

- deps: bytes@3.1.1
- deps: http-errors@1.8.1
  - deps: inherits@2.0.4
  - deps: toidentifier@1.0.1
  - deps: setprototypeof@1.2.0
- deps: qs@6.9.6
- deps: raw-body@2.4.2
  - deps: bytes@3.1.1
  - deps: http-errors@1.8.1
- deps: safe-buffer@5.2.1
- deps: type-is@~1.6.18

### [`v1.19.0`](https://togithub.com/expressjs/body-parser/blob/HEAD/HISTORY.md#1190--2019-04-25)

[Compare Source](https://togithub.com/expressjs/body-parser/compare/1.18.3...1.19.0)

- deps: bytes@3.1.0
  - Add petabyte (`pb`) support
- deps: http-errors@1.7.2
  - Set constructor name when possible
  - deps: setprototypeof@1.1.1
  - deps: statuses@'>= 1.5.0 < 2'
- deps: iconv-lite@0.4.24
  - Added encoding MIK
- deps: qs@6.7.0
  - Fix parsing array brackets after index
- deps: raw-body@2.4.0
  - deps: bytes@3.1.0
  - deps: http-errors@1.7.2
  - deps: iconv-lite@0.4.24
- deps: type-is@~1.6.17
  - deps: mime-types@~2.1.24
  - perf: prevent internal `throw` on invalid type